ZyWall 10 Internet Security Gateway
Review Type: Hands On
Reviewer: Chris Kaminski
Date: Feb 13, 2001
The ZyWall 10 is one of the first in a series of Cable/DSL routers / firewalls that we will be seeing this year. As security awareness on the internet builds, consumers are demanding better security for their home networks – security that goes beyond simple NAT addressing security. The ZyWall 10 appears to be in a good spot to fill this need.
Security Note: ZyNOS ZyWall Network Operating System passed the ICSA.NET firewall certification.

ZyXEL has been in the firewall and security business for quite some time. They built a networking operating system, called ZyNOS, that has been the core of their previous firewall products. ZyXEL has built this product, the ZyWall 10, around their newest release of ZyNOS, ver 3.20.

This new version features a web interface and a
setup wizard making it perfect for home network users wanting
more security without the huge learning curve real firewalls have demanded in the
past.
What the ZyWall 10 can do for you
Connection Sharing
Like other broadband routers, the ZyWall 10 implements NAT. This allows multiple computers on your private LAN to access the internet through a single IP address. The ZyWall 10 also implements other kinds of NAT for some truly unique configurations.
Firewall

The ZyWall 10 is “pre-configured to automatically detect
and thwart Denial of Service (DoS) attacks such as Ping of
Death, SYN Flood, LAND attack, IP Spoofing, etc. It also uses stateful packet inspection to
determine if an inbound connection is allowed through the firewall to
the private LAN”. This keeps hackers out of your system, AND it
keeps them from denying you access to the internet with
DoS attacks. Additionally, the ZyWall 10 actually lets you configure your TCP and UDP
timeouts.
Attack Alert Logs

If someone IS attacking your network, the ZyWall 10 can be configured to let you know about it. Not only will it e-mail you an attack log on a schedule, you can have it e-mail you immediately on certain attack occurrences.
Blocking and Content Filtering
Using the web interface, the ZyWall 10 can be configured to deny access to certain domains. It can also block cookies, ActiveX objects, and Java!
Installing the ZyWall 10
Since the ZyWall 10 does not include a switch for your LAN, you will need an external one. Just string a Cat5 cable between the uplink port of your switch and the ZyWall LAN port. If your hub/switch does not have an uplink port, the ZyWall has a handy switch on the back to turn its LAN port into an uplink port.
The ZyWall 10 defaults to an IP address of 192.168.1.1, subnet 255.255.255.0. You will have to set one of your computers to an IP address in that range – like 192.168.1.2, subnet 255.255.255.0. Once that is done, simply open your web browser and point to http://192.168.1.1. The ZyWall will ask you for a user ID and password (admin, 1234) and will then display your main menu. I would suggest running through the ‘Wizard Setup’.

Next, click the LAN button at
the left of the screen. The wizard only asked for your primary
DNS server, so you will have to type the secondary
one in on this screen. Also make sure that your DHCP server is
enabled.
ZyWall 10 Security Test
We ran the ZyWall 10 through a couple of intense security tests on the internet. It passed them both with flying colors. A perfect score was obtained from HackerWhacker, and Shield Probe at DSL Reports reported a -1 (0 is perfect). Click HERE to see the Shield Probe results.
A couple things that could use some help
- The firewall e-mail alert system does not allow e-mail to be sent through a secure e-mail server. Most of my e-mail servers require authentication to send e-mail and I am sure the entire industry is trending that way.
- The ZyWall's date defaults to 1/1/2000. If you do not set the date/time, all of your firewall logs will be stamped with the incorrect date. Unfortunately, you cannot set the date/time through the web interface. You must telnet to the device and change it under the maintenance menu. The date/time setting should be in the web interface or, better yet, get the time and date from the internet!
Summary
In summary, the ZyWall 10 is a serious firewall. The new web interface on ZyNOS makes the setup a snap. You get a professional level firewall with stateful packet inspection without having to be a network specialist. If a NAT router isn’t good enough for you, try the ZyWall 10.
This article was republished by ZyXEL.